Tag Archives: ACFE

Case Actions – The Baseline For Productive Investigation Units

Several times each week, I receive an inquiry from a PD, task force, or Sheriff’s office asking if my investigation case management software, Case Closed Software, can interface with a particular Records Management System (RMS). The question stems from the investigation unit’s desire to have a purpose-built, flexible solution designed to help their agents stay organized and work more efficiently.

Let’s face it… RMS software, by and large, is not designed for managing major cases. Agencies know it, and the RMS vendors know it. For them, the notion of managing the complexities of major case investigations is an afterthought at best.

(The answer I give to these inquiries, by the way, is that any good investigation management software should have capabilities to ingest data from other law enforcement products, including RMS).

The more important point, however, is recognizing that criminal investigators gather vasts amounts of information during the course of an investigation. Witness statements, interviews, interrogations, tips, leads, informant statements, audio files, video files, photos, and much more. Too often, agents must rely on their RMS systems which, per above, are not purpose-built for investigations. Investigators also rely heavily on paper files and file cabinets full of notes, search warrants, and physical evidence.

Fortunately, there is an alternative… purpose built investigation case management software that utilizes what I call ‘Case Actions’ as the underlying workflow. Case Actions are the individual actions that an investigation unit takes in pursuit of closing a case. Case Actions are expansive in nature, and include:

  • Crime Scene Visits
  • Interviews
  • Interrogations
  • Knock ‘n Talks
  • Surveillance
  • DNA
  • Search Warrants
  • Affidavits
  • Controlled Buys
  • Arrests

… and much, much more. You get the idea, though.

By effectively logging each Case Action in a particular Case, the investigators (and management) are able to quickly and visually recognize the status of the case, and what further actions should be taken. Each Case Action leads to new information… which leads to new Case Actions. And the beat goes on. Hopefully, sooner rather than later, enough information is garnered to close the case. That’s the power of Case Action based workflow.

WIth the Case Action based approach, each Case Action is tied to Persons, Locations, Vehicles, etc. As a result, robust dossiers of these things are built without the individual agent(s) even realizing it.

By utilizing an investigation case management solution that is based upon Case Actions, law enforcement can leverage information from previously-entered data such as telephone numbers, evidence items, addresses, persons, gang members, etc. The Case Actions feed themselves – and each other – to build a valuable repository of investigative information.

An example: A detective has received a tip that Doug Wood is involved in a particular criminal activity. By accessing her Case Action-based system, she quickly learns that Doug Wood has been a Suspect in Case 1 (belonging to an entirely different investigator), and a Witness in Case 2 (belonging to a third investigator).

She also learns (via Case Actions performed by the Gang Unit) that Doug Wood shares an address with a confirmed Gang Member and goes by the nickname ‘Woody’. She also sees Doug’s previous addresses, telephone numbers, work history, social media accounts and so on… each of which has been logged as part of completely unique Case Actions.

That is the power of Case Actions based investigation management software. Because each previous Case Action involving Doug Wood was logged, the current investigator has a goldmine of information at her fingertips.

Case Closed Software is the leading provider of Case Action based investigation case management software for law enforcement. Contact Us for a demo today!

The Taxman Cometh (With Case Closed Cloud™)

(March 5, 2018) Austin, TX – Case Closed Software® announced today that one of the largest constitutional tax collectors in the state of Florida has selected Case Closed Cloud™ as its next-generation investigative case management platform.
The county office serves approximately 1.5M residents,  and is involved in the collection of taxes and the investigation of all related criminal cases. Through Case Closed Cloud, the agency will easily manage files and documents associated with individual cases and specific case actions.
The agency acts an independent agency to be free from influence by local or state agencies that have the power to levy taxes, and serves the county as its agent for the administration of varying taxes.
“A unique feature of Case Closed Cloud is the ability for agencies to use their own forms in conjunction with the software”, said Douglas Wood, president of Case Closed Software. “The tax collector’s office will have full access to all of the materials they need, wherever they need them, through our cloud-based case management software”.
Case Closed Cloud is an innovative new Software-as-a-Service (SaaS) investigation management platform from Crime Tech Solutions, LLC – a leading provider of software to law enforcement, state agencies, and other investigative agencies.
“Case Close Cloud is an innovative new offering, and is already disrupting the case management industry”, said Douglas Wood, the company’s founder and chief executive. “This new customer chose us specifically for our unparalleled feature set, and because they can literally start using the system immediately without any internal IT headaches.”
Case Closed Software offers its software in both ‘on-premise’ and ‘cloud-based’ deployments, meaning that customers can quickly deploy the functionality in the manner that best suits their business requirements.

Crime Tech Solutions Acquires Case Closed Software

June 1, 2016 (Austin, TX)   Crime Tech Solutions, LLC, a leading provider of analytics and investigation software for law enforcement and commercial markets, today announced that it has acquired Cleveland, TN based Case Closed Software in a cash transaction. The terms of the deal were not released, but according to Crime Tech Solutions’ founder and president Douglas Wood, the acquisition brings together two dynamic and fast-growing software companies with an unparalleled complement of technologies.
For Crime Tech Solutions, the opportunity to add Case Closed Software into the fold was too good to pass up” said Mr. Wood. “We think that the technology offered by Case Closed helps to further differentiate us in the market as the price performance leader for this type of investigative solution.PNG
Crime Tech Solutions, based in the city of Leander, TX, delivers advanced analytics and investigation software to commercial investigators and law enforcement agencies across the globe. Their solution suite includes criminal intelligence software, sophisticated crime analytics with geospatial mapping, and powerful link analysis and visualization software. The company says that the addition of Case Closed Software expands those offerings even further.
Case Closed Software develops and markets investigative case management software specifically designed for law enforcement agencies. The suite is built around four primary software products including best-in-class investigative case management software, property and evidence tracking, a gang database tool, and an integrated link analysis and data visualization tool. The company also plans to release the solution as Case Closed Cloud for cloud-based access.
Case Closed couldn’t be happier than to be joining Crime Tech Solutions,” said Keith Weigand, the company’s founder. “The blending of our technologies creates a suite that will add tremendous value to our mutual customers, and will be hard for others to duplicate.
According to both Mr. Weigand and Mr. Wood, the name Case Closed will continue on as the product brand, given its widespread popularity and loyal customer base. Crime Tech Solutions is expected to retain all Case Closed employees, with Mr. Weigand joining as the company’s chief technical officer.
Crime Tech Solutions says it expects continued growth via ongoing software sales and strategic acquisitions.
About Crime Tech Solutions
(NOTE: Crime Tech Solutions is an Austin, TX based provider of crime and fraud analytics software for commercial and law enforcement groups. Our offerings include sophisticated Case Closed™ investigative case management and major case management, GangBuster™ gang intelligence software, powerful link analysis software, evidence management, mobile applications for law enforcement, comprehensive crime analytics with mapping and predictive policing, and 28 CFR Part 23 compliant criminal intelligence database management systems.)

China building big data platform for pre-crime

Re-posted by Crime Tech Solutions – Your Source for Investigation Software
It’s “precrime” meets “thoughtcrime.” China is using its substantial surveillance apparatus as the basis for a “unified information environment” that will allow authorities to profile individual citizens based upon their online behaviors, financial transactions, where they go, and who they see. The authorities are watching for deviations from the norm that might indicate someone is involved in suspicious activity. And they’re doing it with a hand from technology pioneered in the US.
Tiananmen_Square_Beijing_China_1988_1-640x447As Defense One’s Patrick Tucker reports, the Chinese government is leveraging “predictive policing” capabilities that have been used by US law enforcement, and it has funded research into machine learning and other artificial intelligence technologies to identify human faces in surveillance video. The Chinese government has also used this technology to create a “Situation-Aware Public Security Evaluation (SAPE) platform” that predicts “security events” based on surveillance data, which includes anything from actual terrorist attacks to large gatherings of people.
The Chinese government has plenty of data to feed into such systems. China invested heavily in building its surveillance capabilities in major cities over the past five years, with spending on “domestic security and stability” surpassing China’s defense budget—and turning the country into the biggest market for security technology. And in December, China’s government gained a new tool in surveillance: anti-terrorism laws giving the government even more surveillance powers and requiring any technology companies doing business in China to provide assistance in that surveillance.
The law states that companies “shall provide technical interfaces, decryption and other technical support and assistance to public security and state security agencies when they are following the law to avert and investigate terrorist activities”—in other words, the sort of “golden key” that FBI Director James Comey has lobbied for in the US. For obvious reasons, the Chinese government is particularly interested in the outcome of the current legal confrontation between the FBI and Apple over the iPhone used by Syed Farook.
Bloomberg reports that China is harnessing all that data in an effort to perform behavioral prediction at an individual level—tasking the state-owned defense contractor China Electronics Technology Group to develop software that can sift through the online activities, financial transactions, work data, and other behavioral data of citizens to predict which will perform “terrorist” acts. The system could watch for unexpected transfers of money, calls overseas by individuals with no relatives outside the country, and other trigger events that might indicate they were plotting an illegal action. China’s definition of “terrorism” is more expansive than that of many countries.
At a news conference in December, China Electronics Technology Group Chief Engineer Wu Manqing told reporters, “We don’t call it a big data platform, but a united information environment… It’s very crucial to examine the cause after an act of terror, but what is more important is to predict the upcoming activities.”
__
(NOTE: Crime Tech Solutions is an Austin, TX based provider of crime and fraud analytics software for commercial and law enforcement groups. We proudly support the Association of Certified Fraud Examiners (ACFE), International Association of Chiefs of Police (IACP), Association of Law Enforcement Intelligence Units (LEIU) and International Association of Crime Analysts (IACA). Our offerings include sophisticated link analysis software, comprehensive crime analytics with mapping and predictive policing, and criminal intelligence database management systems.)

Uncovering Fraud means Uncovering Non-Obvious Relationships

Posted by Tyler Wood, Operations Manager at Crime Tech Solutions
Although no fraud prevention measures are ever 100% foolproof, significant progress can be achieved by looking beyond the individual data points to the relationships between them. This is the science of link analysis.
Looking at data relationships isn’t straightforward and doesn’t necessarily mean gathering new or more data. The key to battling financial crimes it is to look at the existing data in a new way – namely, in a way that makes underlying connections and patterns using powerful but proven tools such as the Sentinel Visualizer software offered by Crime Tech Solutions.
Unlike most other ways of looking at data, link analysis charts are designed to exploit relationships in data. That means they can uncover patterns difficult to detect using traditional representations such as tables.
Now, we all know that there are various types of fraud – first-party, insurance, and e-commerce fraud, for instance. What they all have in common is the layers of dishonesty to hide the crime. In each of these types of fraud, link analysis from Crime Tech Solutions offers a significant opportunity to augment existing methods of fraud detection, making evasion substantially more difficult.
Let’s take a look at first-party fraud. This type of fraud involves criminals who apply for loans or credit cards but who have no intention of ever paying the money back. It’s a serious problem for banks, who lose tens of billions of dollars every year to this form of fraud. It’s hard to detect and the fraudsters are good at impersonating good customers until the moment they do their ‘Bust-Out,’ i.e. cleaning out all their accounts and disappearing.
Another factor is the nature of the relationships between the participants in the fraud ring. While these characteristics make these schemes very damaging, it also renders them especially vulnerable to link analysis methods of fraud detection.
That’s because a first-party fraud ring involves a group of people sharing a subset of legitimate contact information and bogus information, and then combining them to create a number of synthetic identities. With these fake identities, fraudsters open new accounts for new forms of loans.
The fraudsters’ accounts are used in a normal manner with regular purchases and timely payments so that the banks gain confidence and slowly increase credit over time. Then, one day… Poof! The credit cards are maxed out and everyone has disappeared. The fraudsters are long gone and ready to hit the next bank down the road.
Gartner Group believes in a layered model for fraud prevention that starts with simple discrete methods but progresses to more elaborate types of analysis. The final layer, Layer 5, is called  “Entity Link Analysis” and is designed to leverage connections in data in order to detect organized fraud.
In other words, Gartner believes that running appropriate entity link analysis queries can help organizations identify probable fraud rings during or even before the fraud occurs.
 

IBM Crime Analytics: Missing the mark? CTS Hits the bullseye!

quote-one-may-miss-the-mark-by-aiming-too-high-as-too-low-thomas-fuller-10-41-63Posted by Crime Tech Solutions – Your source for analytics in the fight against crime and fraud.
September 7, 2015. IBM announced this week a major update to its IBM i2 Safer Planet intelligence portfolio that includes a major overhaul of the widely used Analyst’s Notebook product. The product, which has become increasingly abandoned by its user base over the past five years, is now being positioned as ‘slicker‘ than previous versions.
IBM suggests that the new version scales from one to 1,000 users and can ingest petabytes of information to visualize. (A single petabyte roughly translates to 20,000,000 four-drawer filing cabinets completely filled with text).
That’s a lot of data. Seems to me that analysts are already inundated with data… now they need more?
This all begs the question: “Where is IBM headed with this product?”
The evidence seems to point to the fact that IBM wants this suite of products to compete head-to-head with money-raising machine and media darling Palantir Technologies. If I’m IBM, that makes sense. Palantir has been eating Big Blue’s lunch for a few years now, particularly at the lucrative US Federal market level. Worse yet, for IBM i2, is the recent news of a new competitor with even more powerful technology.
If I’m a crime or fraud analyst, however, I have to view this as IBM moving further and further away from my reality.
The reality? Nobody has ever yelled “Help! I’ve been robbed. Call the petabytes of ‘slick’ data!”  No, this tiring ‘big data’ discussion is not really part of the day to day work for the vast majority of analysts. Smart people using appropriate data with intuitive and flexible crime technology solutions… that’s the reality for most of us.
So, as IBM moves their market-leading tool higher and higher into the stratosphere, where does the industry turn for more practical desktop solutions with realistic pricing? For more and more customers around the world, the answer is a crime and fraud link analytics tool from Crime Tech Solutions.
No, it won’t ingest 20,000,000 four-drawer filing cabinets of data, and it’s more ‘efficient‘ than ‘slick‘. Still, the product has been around for decades as a strong competitor to Analysts Notebook, and is well-supported by a network of strategic partners around the world. Importantly, it is the only American made and supported alternative. Period. It’s also, seemingly, the last man standing in the market for efficient and cost-effective tools that can be used by real people doing their real jobs.

Using Link Analysis to untangle fraud webs

Posted by Douglas Wood, Editor.
NOTE: This article originally appeared HERE by Jane Antonio. I think it’s a great read…
Link analysis has become an important technique for discovering hidden relationships involved in healthcare fraud. An excellent online source, FierceHealthPayer:AntiFraud, recently spoke to Vincent Boyd Bryant about the value of this tool for payer special investigations units.
A former biometric scientist for the U.S. Department of Defense, Bryant has 30 years of experience in law enforcement and intelligence analysis. He’s an internationally-experienced investigations and forensics expert who’s worked for a leading health insurer on government business fraud and abuse cases.
How does interactive link analysis help insurers prevent healthcare fraud? Can you share an example of how the tool works?

Boyd Bryant: Link analysis is most often used to piece together different kinds of data from multiple sources–to identify key players, connections between those players and patterns of behavior frequently missed. It can simplify an understanding of the level of involvement of individuals and criminal organizational hierarchies and can greatly simplify visualizing and communicating the operations of complex criminal enterprises.

One thing criminals do best is hide pots of money in different places. As a small criminal operation becomes successful, it will often expand its revenue streams through associated businesses. Link analysis is about trying to figure out where all those different baskets of revenue may be. Insurers are drowning in a sea of theft. Here’s where link analysis becomes beneficial. Once insurers discover a small basket of money lost to a criminal enterprise, then serious research needs to go into finding out who owns the company, who they’re associated with, what kinds of business they’re doing and if there are claims associated with it.
You may find a clinic, for example, connected to and working near a pharmacy, a medical equipment supplier, a home healthcare services provider and a construction company. Diving into those companies and what they do, you find that they’re serving older patients for whom multiple claims from many providers exist. The construction company may be building wheelchair ramps on homes. And you may find that the providers are claiming payment for dead people. Overall, using this tool requires significant curiosity and a willingness to look beyond the obvious.
Any investigation consists of aggregating facts, generating impressions and creating a theory about what happened. Then you work to confirm or disconfirm your theory. It’s important to have tools that let you take large masses of facts and visualize them in ways that cue you to look closer.
Let’s say you investigate a large medical practice and interview “Doctor Jones.” The day after the interview, you learn through link analysis that he transferred $11 million from his primary bank account to the Cayman Islands. And in looking at Dr. Jones’ phone records, you see he called six people, each of whom was the head of another individual practice on whose board Dr. Jones sits. Now the investigation expands, since the timing of those phone calls was contemporaneous to the money taking flight.
Why are tight clusters of similar entities possible indicators of fraud, waste or abuse?
Bryant: When you find a business engaged in dishonest practices and see its different relationships with providers working out of the same building, this gives rise to reasonable suspicion. The case merits a closer look. Examining claims and talking to members served by those companies will give you an indication of how legitimate the operation is.
What are the advantages of link analysis to payer special investigation units, and how are SIUs using its results?
Bryant:  Link analysis can define relationships through data insurers haven’t always had, data that traditionally belonged to law enforcement.
Link analysis results in a visual reference that can take many forms: It can look like a family tree, an organizational chart or a time line. This reference helps investigators assess large masses of data for clustering and helps them arrive at a conclusion more rapidly.

Using link analysis, an investigator can dump in large amounts of data–such as patient lists from multiple practices–and see who’s serving the same patient. This can identify those who doctor shop for pain medication, for example. Link analysis can chart where this person was and when, showing the total amount of medication prescribed and giving you an idea of how the person is operating.
What types of data does link analysis integrate?
Bryant: Any type of data that can be sorted and tied together can be loaded into the tool. Examples include telephone records, addresses, vehicle information, corporate records that list individuals serving on boards and banking and financial information. Larger supporting documents can be loaded and linked to the charts, making cases easier to present to a jury.
Linked analysis can pull in data from state government agencies, county tax records or police records from state departments of correction and make those available in one bucket. In most cases, this is more efficient than the hours of labor needed to dig up these types of public records through site visits.
Is there anything else payers should know about link analysis that wasn’t covered in the above questions?
Bryant: The critical thing is remembering that you don’t know what you don’t know. If a provider or member is stealing from the plan in what looks like dribs and drabs, insurers may never discover the true extent of the losses. But if–as a part of any fraud allegation that arises–you look at what and who is associated with the subject of the complaint, what started as a $100,000 questionable claims allegation can expose millions of dollars in inappropriate billings spread across different entities.

Part Two: Major Investigation Analytics – Big Data and Smart Data

Posted by Douglas Wood, Editor.
As regular readers of this blog know, I spend a great deal of time writing about the use of technology in the fight against crime – financial and otherwise. In Part One of this series, I overviewed the concept of Major Investigation Analytics and Investigative Case Management.
I also overviewed the major providers of this software technology – Palantir Technologies, Case Closed Software, and Visallo. The latter two recently became strategic partners, in fact.
The major case for major case management (pun intended) was driven home at a recent crime and investigation conference in New York. Full Disclosure: I attended the conference for educational purposes as part of my role at Crime Tech Weekly. Throughout the three day conference, speaker after speaker talked about making sense of data. I think if I’d have heard the term ‘big data’ one more time I’d have gone insane.  Nevertheless, that was the topic du jour as you can imagine, and the 3 V’s of big data – volume, variety, and velocity – remain a front and center topic for the vendor community serving the investigation market.
According to one report, 96% of everything we do in life – personal or at work – generates data. That statement probably best sums up how big ‘big data’ is.  Unfortunately,  there was very little discussion about how big data can help investigate major crimes. There was a lot of talk about analytics, for sure, but there was a noticeable lack of ‘meat on the bone’ when it came to major investigation analytics.
Nobody has ever yelled out “Help, I’ve been attacked. Someone call the big data!”. That’s because big data doesn’t, in and by itself, do anything.  Once you can move ‘big data’ into ‘smart data’, however, you have an opportunity to investigate and adjudicate crime. To me, smart data (in the context of investigations) is a subset of an investigator’s ability to:

  1. Quickly triage a threat (or case) using only those bits of data that are most immediately relevant
  2. Understand the larger scope of the crime through experience and crime analytics, and
  3. Manage that case through intelligence-led analytics and investigative case management, data sharing, link exploration, text analytics, and so on.

Connecting the dots, as they say. From an investigation perspective, however, connecting dots can be daunting. In the children’s game, there is a defined starting point and a set of rules.  We simply need to follow the instructions and the puzzle is solved. Not so in the world of the investigator. The ‘dots’ are not as easy to find. It can be like looking for a needle in a haystack, but the needle is actually broken into pieces and spread across ten haystacks.
Big data brings those haystacks together, but only smart data finds the needles… and therein lies the true value of major investigation analytics.

Robbing the Casket, What Happens In Vegas, and Railroad Ripoffs: Selected Financial Crimes Snapshot 12/21/2013

To all of our readers… Have a great Christmas season and see you in 2014!
Posted by Douglas Wood, Editor.  http://www.linkedin.com/in/dougwood
Another case of worker’s compensation premium fraud. You may recall my previous post on this subject. It’s worth reading.
http://manasquan.patch.com/groups/police-and-fire/p/owner-of-wallbased-roofing-company-indicted-for-fraud-and-theft
You’ve heard of robbing the cradle. This is robbing the casket, I suppose…
http://www.13abc.com/story/24279926/funeral-home-owner-charged-with-theft-fraud
He’ll have 8 years to choo choo choose a new way to make a living…
http://newyork.cbslocal.com/2013/12/21/8-years-in-prison-for-former-lirr-conductor-in-fraud-scheme/
What happens in Vegas… Stays in a federal penitentiary.
http://www.lasvegassun.com/news/2013/dec/20/man-gets-11-years-15-million-mortgage-fraud-scheme/

Part 2: Investigating the Investigations – X Marks the Spot

Posted by Douglas Wood, Editor.  http://www.linkedin.com/in/dougwood
Part One of this series is HERE.
Most of the financial crimes investigators I know live in a world where they dream of moving things from their Inbox to their Outbox. Oh, like everyone else, they also dream about winning the lottery, flying without wings, and being naked in public. But in terms of the important roles they perform within both public and private sectors, there is simply Investigating (Inbox) and Adjudication (Outbox). Getting there requires a unique blend of their own capabilities, the availability of data, and the technology that allows them to operate. In the diagram below, ‘X‘ marks the spot where crimes are moved from the Inbox to the Outbox. Without any of those three components, an investigation becomes exponentially more difficult to conclude.
Presentation1
In part one of this article two weeks ago, I wrote about the Investigation Management & Adjudication (IMA) side of financial crimes investigations. I coined that term to call out what is arguably the most integral component of any enterprise fraud management (EFM) ecosystem. The original EFM overview is here.

   “The job is almost unrecognizable to those who once used rotary phones in smoke filled offices…

Twenty years ago, IMA was based primarily upon human eyes. Yes, there were technology tools available such as Wordperfect charts and Lotus 1-2-3 spreadsheets, but ultimately it was the investigator who was tasked with finding interesting connections across an array of data elements including handwritten briefs, telephone bills, lists of suspect information, and discussions with other investigators. The job got done, though. Things moved from the Inbox to the Outbox, arrests were made and prosecutions were successful. Kudos, therefore, to all of the investigators who worked in this environment.
Fast forward to today, and the investigator’s world is dramatically different. The job is the same, of course, but the tools and mass availability of data has made the job almost unrecognizable to those who once used rotary phones in smoke filled offices. Organizations began building enterprise data warehouses designed to provide a single version of the truth. Identity Resolution technology was implemented to help investigators recognize similarities between entities in that data warehouse. And today, powerful new IMA tools are allowing easy ingestion of that data, improved methods for securely sharing across jurisdictions, automated link discovery, non-obvious relationship detection, and interactive visualization tools, and -importantly – packaged e-briefs which can be understood and used by law enforcement, prosecutors, or adjudication experts.

     “Without any of these components, everything risks falling to the outhouse…

With all these new technologies, surely the job of the Investigator is becoming easier? Not so fast.
IMA tools – and other EFM tools – do nothing by themselves. The data – big data – does nothing by itself. It just sits there. The best investigators – without tools or data – are rendered impotent.  Only the combination of skilled, trained investigators using the best IMA tools to analyze the most useful data available results in moving things from the Inbox to the Outbox. Without any of these components… everything eventually risks falling to the Outhouse.
Kudos again, Mr. and Mrs. Investigator. You’ll always be at the heart of every investigation. Here’s hoping you solve for X every day.